Prior to working with the SDK, a GBG Identity Solution account is required. To set up the Identity Solution account an OAuth OpenID Connect URL is required. In return you’ll be set up with an account which you can access using the secure OAuth standards-based token method. This involves sending a secure HTTP request to your OAuth Identity Provider (such as Microsoft or Amazon Web Services) and receiving back an Identity Provider (IDP) access token. The token can later be exchanged (using an SDK function call, or another HTTP request) for a GBG access token whenever the user wishes to use the Identity Solution. The access token eventually expires and then another token can be requested by the user or the software.
You’ll also receive an initial Journey Identifier which defines which databases and verification procedures you wish to use to meet business or legal requirements. Additional Journey Identifiers can be created and profiles modified as needed.
If you’re planning to use the iOS SDK, then credentials to access the SDK will also be supplied.
Once you have the account, the procedures needed within Xcode are:
- Add SDK to your project
You’ll need to drag in SDK Frameworks and a profile (used for document scanning configuration; a default profile is supplied) into your project to achieve this.
- Initialize the SDK
The GBGVerifySDK.initialize() function is used to perform initialization for all the services you wish to use in the application.
- Obtain an Identity Provider Access Token
Either the mobile application, or a server-side application can be used to send a secure HTTP request to your Identity Provider (such as Microsoft or Amazon Web Services) to achieve this. This is standards-based and there are several methods. One popular method is called OAuth 2.0 Client Credentials Grant and it is based on a pre-shared client secret or alternatively a signed certificate. Another method is to use single sign-on (SSO) using OAuth 2.0 Authorisation Code Grant.
- Obtain a GBG Access Token
Create an AuthService object and call the authenticate method in order to exchange the Identity Provider access token for the GBG access token.
Once these four steps are complete, the application code can make use of any verification service, typically by creating an object and making a function call. The services that can be created and used are listed in the SDK Overview.
Underlying the SDK are HTTP requests and responses. If during software development you need to troubleshoot SDK interactions, a very quick way to see what occurred is to examine the HTTP request and response. To do this Charles for iOS can be used.